I've got an application vulnerable to directory traversal (I know this because it's part of the wording of the question). The application has two directories, public and private, and two php files:
...

I'm building a web app that uses S3. In some of our operations, we're creating a file on S3 with a path that's directly dependent on user input, so an attacker might cause a file to be created on S3 ...

I'm writing a simple HTTP server in Lua and while I can easily find resources on how to secure against Unix directory traversal, I already found some caveats in the Windows version. While I'm already ...

I would like to provide content when a hacker tries something like GET /../../../etc/passwd, but they may choose something else, other than passwd. I will install notification of when somebody does ...